Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks.

The flaw, tracked as CVE-2024–5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164, has been credited with discovering and reporting the issue.

The plugin is “vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the ‘give_title’ parameter,” Wordfence said in a report this week.

Read more | >

A widely used security protocol that dates back to the days of dial-up internet has vulnerabilities that could expose large numbers of networked devices to an attack and allow an attacker to gain control of traffic on an organization’s network.

A research team led by University of California San Diego computer scientists investigated the Remote Authentication Dial-In User Service (RADIUS) protocol and found a vulnerability they call Blast-RADIUS that has been present for decades. RADIUS, designed in 1991, allows networked devices such as routers, switches or mobile roaming gear to use a to validate login or other credentials.

This is a common set-up in enterprise and because it allows credentials to be centrally managed. As a result, RADIUS is a critical part of modern telecommunications and enterprise networks; in large enterprises, it may control access to tens of thousands of switches.

Read more | >

Innovative diode laser spectroscopy provides precise monitoring of the color changes in the sweeping laser at each moment, establishing new benchmarks for frequency metrology and practical applications.

Since the laser’s debut in the 1960s, laser spectroscopy has evolved into a crucial technique for investigating the intricate structures and behaviors of atoms and molecules. Advances in laser technology have significantly expanded its potential. Laser spectroscopy primarily consists of two key types: frequency comb-based laser spectroscopy and tunable continuous-wave (CW) laser spectroscopy.

Comb-based laser spectroscopy enables extremely precise frequency measurements, with an accuracy of up to 18 digits. This remarkable precision led to a Nobel Prize in Physics in 2005 and has applications in optical clocks, gravity sensing, and the search for dark matter. Frequency combs also enable high-precision, high-speed broadband spectroscopy because they combine large bandwidth with high spectral resolution.

Read more | >